No explanation required I have my owned answers just need another...

No explanation required I have my owned answers just need another eyes to make sure my answers are correct or not.

Q1. Which of the following conditions shows the presence of a honeypot?

a.     Port show a particular service running but deny a three-way handshake connection

b.     Port show a particular service running and allow a three-way handshake connection

c.     Ports do not show any particular service running

d.     Scan shows that no scanned port is live on the network

Q2. John looks up Jesse's address and phone number on zabasearch.com, calls Comcast, and cancels Jesse's account. What type of attack is John the attacker using?

a.     Phishing

b.     Whaling

c.     Social engineering

d.     Buffer overflow

Q3. Which of the following factors contribute to a successful session hijacking attack?

a.     Definite session expiration time

b.     No clear text transmission

c.     Account lockout for invalid session IDs

d.     Weak session ID generation algorithm

Q4. Which of the following is a symptom of a DoS attack?

a.     Automatic increase in network bandwidth

b.     Unavailability of a particular website

c.     Decrease in the amount of spam emails received

d.     Automatic increase in network performance

Q5. Activities like dumpster diving, reading articles related about a company, and searching job postings on an online website fall under what category?

a.     Active reconnaissance

b.     Passive reconnaissance

c.     Active information gathering

d.     Passive information gathering

Q6. Which of the following is the 3D Graphics Library of Android?

a.     SSL

b.     OpenGL

c.     Media Framework

d.     SGL

Q7. A misconfiguration can include all but the following

a.     Disabled security feature

b.     Unneeded open port

c.     Unpatched systems

d.     Buffer overflow threat vector

Q8. The following tool is one of the most well-known vulnerability scanners:

a.     Metasploit

b.     Nessus

c.     hping 

d.     kali

Q9. The following allows an attacker on a switch to see all traffic, as if it were a hub:

a.     SPAN port

b.     ARP table

c.     BRIDGING mode

d.     NBTSTAT

Q10. Which of the following operating systems uses LM and NTLM hashes? (choose all that apply)

a.     Windows

b.     Cisco IOS

c.     Linux

d.     Solaris/Unix

Q11. The ping of death involves:

a.     Flooding

b.     Scanning

c.     Sending an oversized packet

d.     Spoofing

Q12. Which of the following are included in Android Runtime?

a.     Dalvik Virtual Machine

b.     core libraries

c.     Bind IPC driver

d.     Flash memory driver